Business Continuity through Authentication Flexibility

The Federal Emergency Management Agency defines business continuity this way, “Continuity includes all activities conducted by jurisdictions to ensure that their essential functions can be performed. This includes plans and procedures that delineate essential functions, specify succession to office and emergency delegation of authority, provide for the safekeeping of vital records and databases, identify alternate operating strategies, provide for continuity communications, and validate these capabilities through test, training, and exercise (TT&E) programs.”

The Federal Government is currently facing the challenge of keeping essential functions running during the government shutdown – similar challenges exist when security is compromised.

When faced with a disruption in enterprise security, businesses need to ensure that data is protected and that system access is not compromised. Appropriate security policy will trigger varying authentication challenges based on risk analysis such as suspicious transactions, policy violations, or out-of-norm behavior. These security authentication parameters should be customized in real-time for users both inside and outside the organization, presenting authentication challenges based upon the latest threat assessment.

For example, security threat models mapped to the overarching identity access management strategy would challenges to users based on logins from a particular region or country, login frequency, changes in their ISP, machine characteristics, or other criteria.

To learn more about how to plan for and manage through potential business continuity disruptions, contact our specialists.